package com.lp.guoguo.constant;

/**
 * 安全相关常量类
 */
public class SecurityConstants {

    /**
     * JWT 相关常量
     */
    public static class JWT {
        /**
         * JWT 请求头名称
         */
        public static String TOKEN_HEADER = "Authorization";

        /**
         * JWT Token 前缀
         */
        public static String TOKEN_PREFIX = "Bearer ";

        /**
         * JWT 签发者
         */
        public static String ISSUER = "guoguo-server";

        /**
         * JWT 主题
         */
        public static String SUBJECT = "guoguo-token";

        /**
         * JWT ID 标识符
         */
        public static String JWT_ID = "guoguo-jwt-id";

        /**
         * Token有效期7天
         */
//        public static long EXPIRATION = 7 * 24 * 60 * 60 * 1000L;
        public static long EXPIRATION =  60 * 1000L;

        /**
         * JWT签名密钥
         */
        public static String SECRET_KEY = "CAk2YxuNTArhO8bi4mzLp9Ch8pkVfIHtI/JXrwG+OxbLw2/sHg6yGDmei49LEx/GZW1XTdbFO2yo32y1eExQoA==";
    }

    /**
     * 加密算法相关常量
     */
    public static class Algorithm {
        /**
         * RSA 算法
         */
        public static String RSA = "RSA";

        /**
         * AES 算法
         */
        public static String AES = "AES";

        /**
         * MD5 算法
         */
        public static String MD5 = "MD5";

        /**
         * SHA256 算法
         */
        public static String SHA256 = "SHA-256";

        /**
         * HMAC_SHA256 算法
         */
        public static String HMAC_SHA256 = "HmacSHA256";

        /**
         * AES具体模式
         */
        public static String AES_ALGORITHM = "AES/CBC/PKCS5Padding";

        /**
         * RSA 填充模式
         */
        public static String RSA_PADDING = "RSA/ECB/PKCS1Padding";

        /**
         * RSA 签名算法
         */
        public static String RSA_SIGNATURE_SHA256 = "SHA256WithRSA";

        /**
         * RSA 签名算法 - SHA1withRSA
         */
        public static String RSA_SIGNATURE_SHA1 = "SHA1WithRSA";

        /**
         * RSA 签名算法 - SHA384withRSA
         */
        public static String RSA_SIGNATURE_SHA384 = "SHA384WithRSA";

        /**
         * RSA 签名算法 - SHA512withRSA
         */
        public static String RSA_SIGNATURE_SHA512 = "SHA512WithRSA";

        /**
         * RSA 签名算法 - MD5withRSA
         */
        public static String RSA_SIGNATURE_MD5 = "MD5WithRSA";

        /**
         * RSA PSS 签名算法
         */
        public static String RSA_SIGNATURE_PSS = "RSASSA-PSS";
    }

    /**
     * 加密相关常量
     */
    public static class Encrypt {
        /**
         * RSA 密钥长度
         */
        public static int RSA_KEY_SIZE = 2048;

        /**
         * AES 密钥长度
         */
        public static int AES_KEY_SIZE = 256;

        /**
         * 加密请求头
         */
        public static String ENCRYPT_HEADER = "X-Encrypt-Key";

        /**
         * 加密响应头
         */
        public static String ENCRYPT_RESPONSE_HEADER = "X-Encrypt-Response";

        /**
         * 字符集
         */
        public static String CHARSET = "UTF-8";

        /**
         * AES IV长度
         */
        public static int IV_LENGTH = 16;

        /**
         * RSA 公钥文件名
         */
        public static String RSA_PUBLIC_KEY_FILE = "rsa_public.key";

        /**
         * RSA 私钥文件名
         */
        public static String RSA_PRIVATE_KEY_FILE = "rsa_private.key";

        /**
         * RSA 最大加密明文大小
         */
        public static int RSA_MAX_ENCRYPT_BLOCK = 245;

        /**
         * RSA 最大解密密文大小
         */
        public static int RSA_MAX_DECRYPT_BLOCK = 256;

        /**
         * RSA 密钥格式
         */
        public static String RSA_KEY_FORMAT = "X.509";
    }

    /**
     * 安全配置相关常量
     */
    public static class Security {
        /**
         * 不需要认证的 URL 路径
         */
        public static String[] EXCLUDE_URLS = {
            "/api/auth/**",
            "/api/jobs/**",
            "/api/login",
            "/api/public/**",
            "/swagger-ui/**",
            "/v3/api-docs/**",
            "/error"
        };

        /**
         * 密码加密的盐值长度
         */
        public static int SALT_LENGTH = 16;

        /**
         * 密码最小长度
         */
        public static int MIN_PASSWORD_LENGTH = 8;

        /**
         * 登录尝试次数限制
         */
        public static int MAX_LOGIN_ATTEMPTS = 5;

        /**
         * 锁定时间30分钟
         */
        public static long LOCK_TIME = 30 * 60 * 1000L;
    }

    /**
     * 验证码相关常量
     */
    public static class Captcha {
        /**
         * 验证码长度
         */
        public static int CODE_LENGTH = 6;

        /**
         * 验证码有效期5分钟
         */
        public static long EXPIRE_TIME = 5 * 60L;

        /**
         * 缓存前缀
         */
        public static String CAPTCHA_PREFIX = "captcha:";

        /**
         * 手机验证码前缀
         */
        public static String MOBILE_PREFIX = "sms:";
    }
}
